Session Management

I,m reading Head first Servlets & JSP Chapter 6 Session Management.

For sending a Kookie in response or getting a Kookie in request we create a HttpSession Object as below

HttpSession session1 =request.getSession() ....(1)
or,
HttpSession session1 =request.getSession(false)...(2)

With the above session object created,the container takes care of generating sessionID,
creating a new Kookie object,stuffing the sessionID into Kookie and stuffing the Kookie
as a part of response.On subsequent requests,the container gets the sessionID,from the Kookie in the request,
matches the sessionID with the existing session and associates the session with current request.

Accordingly I tried a program as below

The output is as below:

EFA974B5F96EDC2432CDCC9F690FA25F
javax.servlet.http.Kookie@fae78f

I'm puzzzled with the output . "EFA974B5F96EDC2432CDCC9F690FA25F" refers to session id.
what "javax.servlet.http.Kookie@fsd45f" refers to?

where is the cookie with the above session id stored on my system.

According to your code, it is a Kookie.
When an object does not override Object.toString() you get the default object toString, which looks like that. If you would like more information you should call methods on the Kookie using the API

Please explain session concept.i wrote the below:

public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String names =null;
PrintWriter out = response.getWriter();
HttpSession session1 =request.getSession();
if(session1.isNew()){
out.println("New Session Boss");
}
else
out.println("Old Session");
}

I idea behind trying this.I understand is the client opens a browser to execute this application.If its his/her first attempt then it returns new session as output else old session.but whenever i execute this application i get result as old sesssion only. whats wrong pleas explain.

Hi Rakesh,

request.getSession(true) only creates a session if one does not exist. It uses existing sessions if created before.

request.getSession(false) retrieves a session only if it already exists.
Here is you use session.invalidate() and if you try using session.setAttribute(), it results in NULLPOINTEREXCEPTION.

Regards,
Kiran.
[ May 16, 2008: Message edited by: K Kiran Kumar ]

Originally posted by Rakesh Mestry:
Please explain session concept.i wrote the below:

public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String names =null;
PrintWriter out = response.getWriter();
HttpSession session1 =request.getSession();
if(session1.isNew()){
out.println("New Session Boss");
}
else
out.println("Old Session");
}

I idea behind trying this.I understand is the client opens a browser to execute this application.If its his/her first attempt then it returns new session as output else old session.but whenever i execute this application i get result as old sesssion only. whats wrong pleas explain.

In the above code you are giving a chance to the browser to use the existing session.So is your result.

But if you need it to have some constraint, i think the above response holds good.